[philihp]

They very likely hired an external firm to write their PDF export, and the person implementing it was just trying to finish the contract on time and to spec.

The overhead of maintaining a properly secured PKI key and implementing signing of generated PDFs with it is nonzero.

Banks aren't always rotten and soulless, they are cold and lazy machines that do the bare minimum that their customers ask.

This project is great, let's spread awareness that PDFs _can_ keep an internal digital signature and maybe someday their customers will demand it.